Cloudflare pitches zero-trust security with new Cloudflare One suite
Cloudflare Inc. today debuted Cloudflare One, an expansive suite of cybersecurity and networking tools aimed at enabling companies to fend off online threats more effectively.
The offering is the culmination of the content delivery giant’s multiyear effort to capture a bigger slice of the lucrative security market. Cloudflare One brings together existing Cloudflare products, technology obtained through a recent acquisition and new products set to be detailed later on.
The suite’s first focus is enabling remote workers to securely access company applications. The suite includes an improved version of Access, an existing Cloudflare service that enables enterprises to verify login requests to their systems. Enterprises can now perform login verification using the popular security services offered by OneLogin Inc., Okta Inc. and Ping Identity Inc. thanks to new partnerships Cloudflare has struck with the firms.
“Cloudflare One does not require you to standardize on just one identity provider,” Cloudflare Chief Executive Officer Matthew Prince Prince (pictured with co-founder and Chief Operating Officer Michelle Zatlyn) wrote in a blog post detailing Cloudflare One.
Besides securing login requests, Cloudflare also wants to play a role in how companies secure their employees’ devices. It plans to introduce a browser isolation tool on Wednesday that will enable workers to visit websites without downloading web pages onto their machines. The tool, which appears to be based on Cloudflare’s acquisition of S2 Systems this year, provides a layer of separation between users and the public internet that reduces the risk of malware infections.
In the same spirit of stopping malware, Cloudflare One includes integrations with popular endpoint protection products such as VMware Inc.’s Carbon Black. “Organizations can centralize around a single vendor for device integrity or can mix and match with Cloudflare One providing a consistent control plane,” Prince wrote.
To help companies protect their backend infrastructure, the suite will include an upcoming firewall product dubbed Magic Firewall that will filter malicious firewall traffic. Cloudflare is also throwing in a new intrusion detection system that it says will be capable of detecting unauthorized access attempts.
Cloudflare One is based on a concept known as zero-trust security that has been gaining steam in recent years. Historically, requests from trusted devices such as employee workstations at a company’s headquarters would be automatically approved. Under the zero-trust model, however, all requests are scanned by default on the presumption that no devices can be trusted safely.
Officially, Cloudflare describes Cloudflare One as a network-as-a-service-solution. That’s because the company is aiming to replace not only traditional security tools used by enterprises but also parts of their network infrastructure. The suite includes wide-area network management features that, according to Prince, can substitute the “patchwork of appliances and WAN technologies” that make up a traditional corporate network.
The components of Cloudflare One are set to become available gradually over the coming week.
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.